chore: publish 2.1.3+1.35.4 release

Reviewed-on: #21
Reviewed-by: fauno <fauno@sutty.coop.ar>

.env.sample

@@ -31,28 +31,6 @@ TX="Europe/Berlin"
 #SMTP_HOST=mail.example.com
 #SMTP_PORT=587
 #SMTP_SECURITY=starttls
-
-## SSO Setup Start ##
-
-## SSO Required Setup
-#SSO_ENABLED=false ## Activate the SSO
-
-## the OpenID Connect Discovery endpoint of your SSO. Should not include the /.well-known/openid-configuration part and no trailing / ${SSO_AUTHORITY}/.well-known/openid-configuration must return a JSON document: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse (with an HTTP status code 200 OK!)
-#SSO_AUTHORITY=
-#SSO_CLIENT_ID=             
-#SSO_CLIENT_SECRET= 
-#SSO_ONLY=false ## disable email+Master password authentication
-
-## SSO Optional Setup
-#SSO_SIGNUPS_MATCH_EMAIL=true ##: On SSO Signup if a user with a matching email already exists make the association (default true)
-#SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION=false ## Allow unknown email verification status (default false). Allowing this with SSO_SIGNUPS_MATCH_EMAIL open potential account takeover.
-#SSO_SCOPES= ##Optional, allow to override scopes if needed (default "email profile")
-#SSO_AUTHORIZE_EXTRA_PARAMS= ## Optional, allow to add extra parameter to the authorize redirection (default "")
-#SSO_PKCE=true ## Activate PKCE for the Auth Code flow (default true).
-#SSO_AUDIENCE_TRUSTED= ##Optional, Regex to trust additional audience for the IdToken (client_id is always trusted). Use single quote when writing the regex: '^$'.
-#SSO_MASTER_PASSWORD_POLICY ## Optional Master password policy (enforceOnLogin is not supported).
-#SSO_AUTH_ONLY_NOT_SESSION ## Enable to use SSO only for authentication not session lifecycle
-#SSO_CLIENT_CACHE_EXPIRATION=0 ## Cache calls to the discovery endpoint, duration in seconds, 0 to disable (default 0);
-#SSO_DEBUG_TOKENS=false ## Log all tokens for easier debugging (default false, LOG_LEVEL=debug or LOG_LEVEL=info,vaultwarden::sso=debug need to be set)
-
-## SSO Setup End ##
+# If SMTP isn't working, enable this line to debug
+#  remember to disable it after debugging
+#SMTP_DEBUG=true

.gitea/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,16 @@
+---
+name: "Vaultwarden pull request template"
+about: "Vaultwarden pull request template"
+---
+
+<!-- 
+Thank you for doing recipe maintenance work!
+Please mark all checklist items which are relevant for your changes.
+Please remove the checklist items which are not relevant for your changes.
+Feel free to remove this comment.
+-->
+
+* [ ] I have deployed and tested my changes
+* [ ] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash)
+* [ ] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes)
+* [ ] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes)

MAINTENANCE.md

@@ -0,0 +1,32 @@
+# Vaultwarden Recipe Maintenance
+
+All contributions should be made via a pull request. This is to ensure a
+certain quality and consistency, that others can rely on.
+
+## Maintainer Responsibilities
+
+A recipe maintainer has the following responsibilities:
+
+- Respond to pull requests / issues within a week
+- Make image security updates within a day
+- Make image patch / minor updates within a week
+- Make image major updates within a month
+
+In order to fullfill these responsibilities a recipe maintainer:
+
+- Has to watch the repository (to get notifications)
+- Needs to make sure renovate is configured properly
+
+## Pull Requests
+
+A pull request can be merged if it is approved by at least one maintainer. For
+pull requests opened by a maintainer they need to be approved by another
+maintainer. Even though it is okay to merge a pull request with one approval, it
+is always better if all maintainers looked at the pull request and approved it.
+
+## Become a maintainer
+
+Everyone can apply to be a recipe maintainer:
+1. Watch the repository to always get updates
+2. Simply add your self to the list in the [README.md](./README.md) and open a new pull request with the change.
+3. Once the pull request gets merged you will be added to the [vaultwarden maintainers team](https://git.coopcloud.tech/org/coop-cloud/teams/vw-maintainers).

README.md

@@ -3,7 +3,7 @@
 > Open source password manager
 
 <!-- metadata -->
-
+* **Maintainer**: [@fauno](https://git.coopcloud.tech/fauno), [@ammaratef45](https://git.coopcloud.tech/ammaratef45)
 * **Category**: Apps
 * **Status**: 2, beta
 * **Image**: [`vaultwarden/server`](https://hub.docker.com/vaultwarden/server), 4, upstream

compose.smtp.yml

@@ -13,6 +13,7 @@ services:
       - "SMTP_HOST"
       - "SMTP_PORT"
       - "SMTP_SECURITY"
+      - "SMTP_DEBUG"
 
 secrets:
   smtp_password:

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: vaultwarden/server:1.35.2
+    image: vaultwarden/server:1.35.4
     networks:
       - proxy
       - internal
@@ -43,7 +43,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=3.0.0+1.35.2"
+        - "coop-cloud.${STACK_NAME}.version=2.1.3+1.35.4"
         - "backupbot.backup=true"
         - "backupbot.backup.path=/data"
 

release/2.0.1+1.35.2

@@ -0,0 +1 @@
+Allows support for 2026.1+ clients.

release/3.0.0+1.35.2

@@ -1,4 +0,0 @@
-Allows support for 2026.1+ clients.
-
-This release includes options for SSO. Check out the release notes for
-more infomation.

renovate.json

@@ -0,0 +1,10 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:recommended"
+  ],
+  "reviewers": [
+    "team:vw-maintainers"
+  ]
+
+}